Not able to link secrets to nested acorns services.

Question

Not able to link secrets to nested acorns services.

sangee2004 opened this issue a year ago · comments

Sangeetha Hariharan commented a year ago

Server - main

Steps to reproduce the problem:

Create a secret of type "basic"

secrets: {
    password: {
        type: "basic"
    	data: {
	username: "testuser"
        password: "testpass"
}
}
}

acorn secrets mariasec.password
NAME                TYPE      KEYS                  CREATED
mariasec.password   basic     [password username]   63m ago

Use the secret created in step1 as the user creds for creating the Mariadb service and use the secret values to connect to the Mariadb service from the consuming app.

acorn run -s mariasec.password:db.user -n testmarriasec -f AcornfileUseroverride

Acornfile used:

services: db: image: "ghcr.io/acorn-io/mariadb:v10.#.#-#"

containers: app: {
        build: context: "."
        consumes: [ "db"]
        ports: publish: "8000/http"
        env: {
                DB_HOST: "@{service.db.address}"
                DB_PORT: "@{service.db.port.3306}"
                DB_NAME: "@{service.db.data.dbName}"
                DB_USER: "testuser"
                DB_PASS: "testpass"
        }
        if args.dev {
                dirs: "/app":     "./"
                env: FLASK_DEBUG: "1"
        }
}

This will result in the consuming app to crash because of not being able to connect to the Mariadb service

2023-11-17 21:30:01 3 [Warning] Access denied for user 'testuser'@'10.42.3.145' (using password: YES)

In this case , Mariadb service does not use the linked secret for user secret.

Expected Behavior:
Mariadb service should get created with user credentials from the linked secret.

Note - Able to link secrets to the Mariadb service using - acorn run -s mariasec.password:user -n <appname> ghcr.io/acorn-io/mariadb:v10.11.5-2

Problem seems to happen only in the case of nested acorns.